Lucene search
K
UbuntuRecent

10890 matches found

Ubuntu
Ubuntu
•added 2023/01/25 10:46 p.m.•80 views

USN-5829-1: Linux kernel (Raspberry Pi) vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Tamás Koczka discovered that th...

8.8CVSS7.7AI score0.21314EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/01/25 8:14 p.m.•88 views

USN-5828-1: Kerberos vulnerabilities

It was discovered that Kerberos incorrectly handled certain S4U2Self requests. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. CVE-2018-20217 Greg Hudson discovered that Kerberos PAC implementation...

8.8CVSS7.1AI score0.06419EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/01/25 5:56 p.m.•83 views

USN-5827-1: Bind vulnerabilities

Rob Schulhof discovered that Bind incorrectly handled a large number of UPDATE messages. A remote attacker could possibly use this issue to cause Bind to consume resources, resulting in a denial of service. CVE-2022-3094 Borja Marcos discovered that Bind incorrectly handled certain RRSIG queries....

7.5CVSS7.4AI score0.5017EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/01/25 1:10 p.m.•50 views

USN-5826-1: Privoxy vulnerabilities

Joshua Rogers discovered that Privoxy incorrectly handled memory allocation. An attacker could possibly use this issue to cause a denial of service. CVE-2021-44540 Artem Ivanov discovered that Privoxy incorrectly handled input validations. An attacker could possibly use this issue to perform...

7.5CVSS6.4AI score0.01302EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/01/25 9:38 a.m.•51 views

USN-5825-1: PAM vulnerability

It was discovered that PAM did not correctly restrict login from an IP address that is not resolvable via DNS. An attacker could possibly use this issue to bypass authentication...

9.8CVSS8.4AI score0.01218EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/01/24 10:34 p.m.•176 views

USN-5823-2: MySQL vulnerability

USN-5823-1 fixed a vulnerability in MySQL. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to MySQL...

4.9CVSS7AI score0.01115EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/01/24 6:20 p.m.•85 views

USN-5823-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.32 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. Ubuntu 18.04 LTS has been updated to MySQL 5.7.41. In addition to security fixes, t...

9.8CVSS6.9AI score0.43131EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/01/24 2:31 p.m.•92 views

USN-5821-2: wheel vulnerability

USN-5821-1 fixed a vulnerability in wheel. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Sebastian Chnelik discovered that wheel incorrectly handled certain file names when validated against a regex expression. An attacker could possibly use this...

7.5CVSS7AI score0.02659EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/01/24 12:58 p.m.•128 views

USN-5822-1: Samba vulnerabilities

It was discovered that Samba incorrectly handled the bad password count logic. A remote attacker could possibly use this issue to bypass bad passwords lockouts. This issue was only addressed in Ubuntu 22.10. CVE-2021-20251 Evgeny Legerov discovered that Samba incorrectly handled buffers in certai...

9.8CVSS7.6AI score0.06419EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/01/24 9:21 a.m.•60 views

USN-5821-1: wheel vulnerability

Sebastian Chnelik discovered that wheel incorrectly handled certain file names when validated against a regex expression. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS7AI score0.02659EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/01/24 2:19 a.m.•55 views

USN-5820-1: exuberant-ctags vulnerability

Lorenz Hipp discovered a flaw in exuberant-ctags handling of the tag filename command-line argument. A crafted tag filename specified in the command line or in the configuration file could result in arbitrary command execution...

7.8CVSS7.2AI score0.00577EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/01/23 2:41 p.m.•60 views

USN-5806-2: Ruby vulnerability

USN-5806-1 fixed vulnerabilities in Ruby. This update fixes the problem for Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.10. Original advisory details: Hiroshi Tokumaru discovered that Ruby did not properly handle certain user input for applications which generate HTTP responses using cgi ge...

8.8CVSS7.4AI score0.02287EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/01/23 2:21 p.m.•59 views

USN-5819-1: HAProxy vulnerability

It was discovered that HAProxy incorrectly handled certain messages. A remote attacker could possibly use this issue to cause HAProxy to stop responding, resulting in a denial of service...

6.5CVSS6.2AI score0.01834EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/01/23 1:14 p.m.•161 views

USN-5818-1: PHP vulnerability

It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code...

9.1CVSS7.6AI score0.02154EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/01/23 8:51 a.m.•76 views

USN-5817-1: Setuptools vulnerability

Sebastian Chnelik discovered that setuptools incorrectly handled certain regex inputs. An attacker could possibly use this issue to cause a denial of service...

5.9CVSS7.3AI score0.02617EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/01/23 6:29 a.m.•91 views

USN-5816-1: Firefox vulnerabilities

Niklas Baumstark discovered that a compromised web child process of Firefox could disable web security opening restrictions, leading to a new child process being spawned within the file:// context. An attacker could potentially exploits this to obtain sensitive information. CVE-2023-23597 Tom...

8.8CVSS8.2AI score0.00702EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/01/19 8:7 p.m.•83 views

USN-5815-1: Linux kernel (BlueField) vulnerabilities

It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-20421 David Leadbeater...

7.8CVSS7.2AI score0.01417EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/01/19 7:27 p.m.•80 views

USN-5814-1: Linux kernel vulnerabilities

Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2022-4378 Tamás Koczka discovered that the Bluetooth L2CAP handshake...

8.8CVSS7.7AI score0.02014EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/01/19 5:44 p.m.•245 views

USN-5813-1: Linux kernel vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Tamás Koczka discovered that th...

8.8CVSS7.7AI score0.21314EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/01/19 4:4 p.m.•91 views

USN-5810-2: Git regression

USN-5810-1 fixed vulnerabilities in Git. This update introduced a regression as it was missing some commit lines. This update fixes the problem. Original advisory details: Markus Vervier and Eric Sesterhenn discovered that Git incorrectly handled certain gitattributes. An attacker could possibly...

8.7AI score0.56334EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2023/01/19 1:52 p.m.•78 views

USN-5812-1: urllib3 vulnerability

It was discovered that urllib3 incorrectly handled certain characters in URLs. A remote attacker could possibly use this issue to cause urllib3 to consume resources, leading to a denial of service...

7.5CVSS7.3AI score0.03273EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/01/18 7:23 p.m.•76 views

USN-5811-2: Sudo vulnerability

USN-5811-1 fixed a vulnerability in Sudo. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Matthieu Barjole and Victor Cutillas discovered that Sudo incorrectly handled user-specified editors when using the sudoedit command. A local attacker that has...

7.8CVSS8.1AI score0.55367EPSS
Exploits20
Ubuntu
Ubuntu
•added 2023/01/18 5:44 p.m.•222 views

USN-5811-1: Sudo vulnerabilities

Matthieu Barjole and Victor Cutillas discovered that Sudo incorrectly handled user-specified editors when using the sudoedit command. A local attacker that has permission to use the sudoedit command could possibly use this issue to edit arbitrary files. CVE-2023-22809 It was discovered that the...

7.8CVSS7.5AI score0.55367EPSS
Exploits21
Ubuntu
Ubuntu
•added 2023/01/17 6:36 p.m.•86 views

USN-5810-1: Git vulnerabilities

Markus Vervier and Eric Sesterhenn discovered that Git incorrectly handled certain gitattributes. An attacker could possibly use this issue to cause a crash or execute arbitrary code. CVE-2022-23521 Joern Schneeweisz discovered that Git incorrectly handled certain commands. An attacker could...

9.8CVSS8.7AI score0.56334EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/01/17 6:10 p.m.•88 views

USN-5809-1: Linux kernel (OEM) vulnerabilities

Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2022-4378 Tamás Koczka discovered that the Bluetooth L2CAP handshake...

8.8CVSS7.7AI score0.02014EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/01/17 6:0 p.m.•93 views

USN-5808-1: Linux kernel (IBM) vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Tamás Koczka discovered that th...

8.8CVSS7.7AI score0.21314EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/01/17 5:21 p.m.•65 views

USN-5807-1: libXpm vulnerabilities

Martin Ettl discovered that libXpm incorrectly handled certain XPM files. If a user or automated system were tricked into opening a specially crafted XPM file, a remote attacker could possibly use this issue to cause libXpm to stop responding, resulting in a denial of service. CVE-2022-44617 Marc...

8.8CVSS6.8AI score0.01284EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/01/17 1:16 p.m.•56 views

USN-5806-1: Ruby vulnerability

Hiroshi Tokumaru discovered that Ruby did not properly handle certain user input for applications the generate HTTP responses using cgi gem. An attacker could possibly use this issue to maliciously modify the response a user would receive from a vulnerable application...

8.8CVSS7.3AI score0.02287EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/01/16 12:18 p.m.•72 views

USN-5795-2: Net-SNMP vulnerabilities

USN-5795-1 and 5543-1 fixed several vulnerabilities in Net-SNMP. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that Net-SNMP incorrectly handled certain requests. A remote attacker could possibly use these...

8.8CVSS7.3AI score0.5346EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/01/16 8:28 a.m.•112 views

USN-5805-1: Apache Maven vulnerability

It was discovered that Apache Maven followed repositories that are defined in a dependency’s Project Object Model pom even if the repositories weren't encryptedh http protocol. An attacker could use this vulnerability to take over a repository, execute arbitrary code or cause a denial of service...

9.1CVSS7.8AI score0.08691EPSS
Exploits2References1
Ubuntu
Ubuntu
•added 2023/01/13 7:11 p.m.•88 views

USN-5804-2: Linux kernel vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Tamás Koczka discovered that th...

8.8CVSS7.7AI score0.21314EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/01/13 2:50 a.m.•100 views

USN-5804-1: Linux kernel vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Tamás Koczka discovered that th...

8.8CVSS7.7AI score0.21314EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/01/13 2:4 a.m.•95 views

USN-5803-1: Linux kernel vulnerabilities

Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2022-4378 Tamás Koczka discovered that the Bluetooth L2CAP handshake...

8.8CVSS7.7AI score0.02014EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/01/12 9:31 p.m.•89 views

USN-5801-1: Vim vulnerabilities

It was discovered that Vim makes illegal memory calls when pasting brackets in Ex mode. An attacker could possibly use this to crash Vim, access or modify memory, or execute arbitrary commands. This issue affected only Ubuntu 20.04 and 22.04 CVE-2022-0392 It was discovered that Vim makes illegal...

8.4CVSS7.5AI score0.01541EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/01/12 8:28 p.m.•80 views

USN-5802-1: Linux kernel vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Tamás Koczka discovered that th...

8.8CVSS7.7AI score0.21314EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/01/12 5:12 p.m.•90 views

USN-5800-1: Heimdal vulnerabilities

It was discovered that Heimdal incorrectly handled certain SPNEGO tokens. A remote attacker could possibly use this issue to cause a denial of service. CVE-2021-44758 Evgeny Legerov discovered that Heimdal incorrectly handled memory when performing certain DES decryption operations. A remote...

9.8CVSS7.1AI score0.06419EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/01/11 1:23 a.m.•87 views

USN-5799-1: Linux kernel (OEM) vulnerability

Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS7.5AI score0.00428EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/01/10 11:28 p.m.•80 views

USN-5793-4: Linux kernel (IBM) vulnerabilities

It was discovered that the iouring subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-3910 ...

7.8CVSS7AI score0.01417EPSS
Exploits5
Ubuntu
Ubuntu
•added 2023/01/10 9:58 p.m.•84 views

USN-5793-3: Linux kernel vulnerabilities

It was discovered that the iouring subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-3910 ...

7.8CVSS7AI score0.01417EPSS
Exploits5
Ubuntu
Ubuntu
•added 2023/01/10 9:3 p.m.•69 views

USN-5798-1: .NET 6 vulnerability

Johan Gorter discovered that .NET 6 incorrectly processed certain invalid HTTP requests. An attacker could possibly use this issue to cause a denial of service condition for an exposed endpoint...

7.5CVSS8AI score0.0274EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/01/10 8:10 p.m.•84 views

USN-5791-3: Linux kernel (Azure) vulnerabilities

It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-20421 David Leadbeater...

7.8CVSS7.2AI score0.01417EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/01/10 12:17 p.m.•56 views

USN-5796-2: w3m vulnerability

USN-5796-1 fixed a vulnerability in w3m. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that w3m incorrectly handled certain HTML files. A remote attacker could use this issue to cause w3m to crash, resulting in a denial of service...

7.8CVSS7.6AI score0.00441EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/01/10 6:37 a.m.•73 views

USN-5782-3: Firefox regressions

USN-5782-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Firefox was using an out-of-date libusrsctp library. An attacker could possibly use th...

8.3AI score0.00892EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2023/01/09 9:3 p.m.•98 views

USN-5793-2: Linux kernel (Azure) vulnerabilities

It was discovered that the iouring subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-3910 ...

7.8CVSS7AI score0.01417EPSS
Exploits5
Ubuntu
Ubuntu
•added 2023/01/09 8:51 p.m.•89 views

USN-5791-2: Linux kernel (Azure) vulnerabilities

It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-20421 David Leadbeater...

7.8CVSS7.2AI score0.01417EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/01/09 8:8 p.m.•93 views

USN-5792-2: Linux kernel vulnerabilities

Mingwei Zhang discovered that the KVM implementation for AMD processors in the Linux kernel did not properly handle cache coherency with Secure Encrypted Virtualization SEV. A local attacker could possibly use this to cause a denial of service host system crash. CVE-2022-0171 It was discovered th...

7.8CVSS7.2AI score0.01417EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/01/09 4:16 p.m.•111 views

USN-5797-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

8.8CVSS7.1AI score0.34574EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/01/09 1:17 p.m.•62 views

USN-5796-1: w3m vulnerability

It was discovered that w3m incorrectly handled certain HTML files. A remote attacker could use this issue to cause w3m to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.8CVSS7.6AI score0.00441EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/01/09 1:12 p.m.•85 views

USN-5795-1: Net-SNMP vulnerabilities

It was discovered that Net-SNMP incorrectly handled certain requests. A remote attacker could possibly use these issues to cause Net-SNMP to crash, resulting in a denial of service...

6.5CVSS6.7AI score0.5346EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/01/09 11:24 a.m.•79 views

USN-5787-2: Libksba vulnerability

USN-5787-1 fixed vulnerabilities in Libksba. This update provides the corresponding updates for Ubuntu 16.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that Libksba incorrectly handled parsing CRL signatures. A remote attacker could use this issue to cause Libksba to...

9.8CVSS8AI score0.0155EPSS
Exploits2
Total number of security vulnerabilities10890